Who touched what, when — provable, page by page.
Chain of custody and audit trail software from Medrecords AI logs every ingest, access, edit, and export immutably from the moment a file arrives. When admissibility or a HIPAA audit asks who touched what, and when, you export a custody report per production instead of reconstructing an argument.
Custody starts the moment the file arrives.
Every upload is hashed with SHA-256 before anything else happens, then stamped into the log with the source, packet, page count, and uploading user. From that first entry forward, the record's handling history writes itself.
The access log a HIPAA audit actually asks for.
Every view, search, annotation, share, download, and export is captured with user, timestamp, and case context — PHI access logging on every event, not a sample. Filter by case, actor, or event type and hand the answer over.
A custody report per production, not an argument.
When a production goes out, export a single document custody report: the hash captured at ingest, the complete touch history, and the export event itself. If admissibility is questioned in litigation, you attach the report — the handling history is already proven, page by page.
A log you can't rewrite is a log you can defend.
The trail is append-only by design: corrections are new entries that reference the original, and even a denied edit attempt is written down. That is what makes the output audit-grade and legally defensible — the same standard as the rest of the platform, where every fact is cited to its page and source.
See the security architectureFrom first byte to court-ready custody report.
Three steps, zero manual bookkeeping — the trail builds itself while your team works the file.
Every file is SHA-256 hashed on arrival and stamped into the log with packet, page count, and uploader.
Views, searches, annotations, shares, downloads, exports — each appended with user, timestamp, and case context.
One PDF per production: hash at ingest, full handling history, and the export event — ready for court or audit.
Who needs the custody question answered.
Same immutable trail, different stakes: admissibility for one team, audit exposure for another.
Prove exactly which records the evaluator reviewed — and that nothing changed after.
For IME orgsWhen admissibility is challenged, the custody report answers instead of the paralegal's memory.
For law firmsClient audits answered per case, per user — without reconstructing handling after the fact.
For TPAsHIPAA access logging on every claim file event — compliance evidence on demand.
For carriersChain of custody, answered.
No one can edit or delete a log entry — not a case admin, not Medrecords staff. The trail is append-only: a correction is a new entry that references the original, so the history of the history is itself preserved.
Ingest (with the file hash), every page view, search, annotation, edit, share, download, and export — each stamped with the user, timestamp, and case context. Because the records contain PHI, access logging runs on every event, not a sample.
Yes. One PDF per production: the file hash captured at ingest, the complete touch history, and the export event itself. When opposing counsel questions whether the packet was altered in handling, you attach the report instead of arguing.
A HIPAA audit asks who accessed this record and when. The access log answers that directly, per case and per user, and exports cleanly for your compliance team or the auditor. Records are processed under a signed BAA with encryption in transit and at rest.
Yes. Every file is hashed with SHA-256 the moment it arrives, before any processing. The hash is written into the log and the custody report, so you can prove the packet you reviewed is byte-for-byte the packet you were produced.
Related capabilities
Expiring, watermarked links — every open lands in this same log.
ExploreRedact before production — with every redaction event logged.
ExplorePage-level identity for productions, paired with the custody trail.
ExploreWrong-patient pages caught and quarantined — like p.140 — with the event logged.
ExploreSee the custody trail your next production deserves.
Upload a file and watch the log build itself — hash, history, and custody report included. Handled under our BAA; never used to train a model.